MUST READ

Hackers exploit Fortra GoAnywhere flaw before public alert

 | 

UK NCSC warns that attackers exploited Cisco firewall zero-days to deploy RayInitiator and LINE VIPER malware

 | 

Google warns of Brickstorm backdoor targeting U.S. legal and tech sectors

 | 

U.S. CISA adds CISCO Secure Firewall ASA and Secure FTD flaws to its Known Exploited Vulnerabilities catalog

 | 

Operation HAECHI VI seized $439M from global cybercrime rings

 | 

Volvo North America disclosed a data breach following a ransomware attack on IT provider Miljödata

 | 

Cisco fixed actively exploited zero-day in Cisco IOS and IOS XE software

 | 

Nation-State hackers exploit Libraesva Email Gateway flaw

 | 

SolarWinds fixed a critical RCE flaw in its Web Help Desk software

 | 

How threat actors breached a U.S. federal civilian agency by exploiting a GeoServer flaw

 | 

Cloudflare mitigates largest-ever DDoS attack at 22.2 Tbps

 | 

U.S. CISA adds Google Chromium flaw to its Known Exploited Vulnerabilities catalog

 | 

US Secret Service dismantled covert communications network near the U.N. in New York

 | 

A suspected Scattered Spider member suspect detained for casino network attacks

 | 

$150K awarded for L1TF Reloaded exploit that bypasses cloud mitigations

 | 

Canada's RCMP closes TradeOgre, seizes $40M in country’s largest crypto bust

 | 

Stellantis probes data breach linked to third-party provider

 | 

FBI alerts public to spoofed IC3 site used in fraud schemes

 | 

EU agency ENISA says ransomware attack behind airport disruptions

 | 

Researchers expose MalTerminal, an LLM-enabled malware pioneer

 | 

search

Date range
Filters

17525 results

Pierluigi Paganini February 11, 2019
MetaMask app on Google Play was a Clipboard Hijacker

Security researcher Lukas Stefanko from ESET discovered the first Android cryptocurrency clipboard hijacker impersonating MetaMask on the official Google Play store. The rogue MetaMask app is a Clipboard Hikacker that monitors a device’s clipboard for Bitcoin and Ethereum addresses and replaces them with addresses of wallets under the control of the attacker. Using this trick the attackers can transfers funds […]

Pierluigi Paganini February 11, 2019
A mysterious code prevents QNAP NAS devices to be updated

Users of QNAP NAS devices are reporting through QNAP forum discussions of mysterious code that adds some entries that prevent software update. Users of the Network attached storage devices manufactured by QNAP  have reported a mystery string of malware attacks that disabled software updates by hijacking entries in host machines’ hosts file. According to the […]

Pierluigi Paganini February 11, 2019
Password Checkup Chrome extension warns users about compromised logins

Google has released a new extension for Chrome dubbed Password Checkup that will alert users if their username/password combinations were leaked online as part of a dump after a data breach. Last week Google released Password Checkup a Chrome extension that warns users about compromised logins every time they will enter login credentials on a […]

Pierluigi Paganini February 11, 2019
Thousands of RDM refrigeration systems exposed online are at risk

Experts from Safety Detective discovered thousands of refrigeration systems made by Resource Data Management (RDM) exposed to remote attacks. Thousands of instances of a temperature control system made by Resource Data Management (RDM) are exposed to remote attacks because they were using default passwords and failed in implementing other security measures. The vulnerable instances are used […]

Pierluigi Paganini February 10, 2019
Adiantum will bring encryption on Android devices without cryptographic acceleration

Google announced Adiantum, a new encryption method devised to protect Android devices without cryptographic acceleration. Google announced Adiantum, a new encryption method devised to protect Android devices without cryptographic acceleration. “Adiantum is an innovation in cryptography designed to make storage encryption more efficient for devices without cryptographic acceleration, to ensure that all devices can be encrypted.” reads the […]

Pierluigi Paganini February 10, 2019
Google open sourced the ClusterFuzz fuzzing platform

Google has open sourced ClusterFuzz, its fuzzing infrastructure it has developed to find memory corruption vulnerabilities in Chrome. Google has open sourced its fuzzing infrastructure ClusterFuzz that the tech giant developed to find memory corruption bugs in the Chrome browser. ClusterFuzz is a scalable fuzzing tool that can run on clusters with more than 25,000 cores. […]

Pierluigi Paganini February 10, 2019
New Linux coin miner kills competing malware to maximize profits

Security experts from Trend Micro have discovered a new strain of coin miner that targets the Linux platform and installs the XMR-Stak Cryptonight cryptocurrency miner. Security experts from Trend Micro have discovered a new strain of coin miner that targets the Linux platform and installs the XMR-Stak Cryptonight cryptocurrency miner, researchers observed it killing other Linux malware […]

Pierluigi Paganini February 10, 2019
Security Affairs newsletter Round 200 – News of the week

A new round of the weekly SecurityAffairs newsletter arrived! The best news of the week with Security Affairs. Let me inform you that my new book, “Digging in the Deep Web” is online with a special deal 20% discount Kindle Edition Paper Copy Once again thank you! Can Enterprises execute a GRC Movement? Experts observed […]

Pierluigi Paganini February 09, 2019
GandCrab ransomware campaign targets Italy using steganography

A newly discovered malware campaign leverages steganography to hide GandCrab ransomware in an apparently innocent Mario image. Security experts at Bromium have discovered a malware campaign using steganography to hide the GandCrab ransomware in a Mario graphic package. According to Matthew Rowan, a researcher at Bromium, threat actors use steganography to hide the malicious code and […]

Pierluigi Paganini February 09, 2019
Exclusive – MalwareMustDie Team analyzed the Cayosin Botnet and its criminal ecosystem

Cayosin Botnet: a deeper look at this threat supported by the psychological profile of the “youngsters-wannabe-hackers” Rolex boasters Money, botnet as service business and coding on the dark side of the life: “At this point of my life… if it doesn’t make me money, I don’t make time for it”, is stated in the picture […]

newsletter

Subscribe to my email list and stay
up-to-date!

recent articles

Hackers exploit Fortra GoAnywhere flaw before public alert

Hacking / September 26, 2025

UK NCSC warns that attackers exploited Cisco firewall zero-days to deploy RayInitiator and LINE VIPER malware

Hacking / September 26, 2025

Google warns of Brickstorm backdoor targeting U.S. legal and tech sectors

Malware / September 26, 2025

U.S. CISA adds CISCO Secure Firewall ASA and Secure FTD flaws to its Known Exploited Vulnerabilities catalog

Hacking / September 25, 2025

Operation HAECHI VI seized $439M from global cybercrime rings

Cyber Crime / September 25, 2025